- Install Necessary Packages

  ```
  yum -y install authconfig krb5-workstation pam_krb5 samba-common oddjob-mkhomedir
  ```

- Set DNS Nameservers to Primary Domain Controller and Secondary

  View config like this

  ```
  cat /etc/resolv.conf
  ```

  and make sure the nameservers point at the domain controller IPs.

- Join Domain

  This will join the domain. It's multi-line for readability. You can copy/paste the whole thing into the terminal and it will work.

  NOTE: You must edit the last 4 lines below to include your domain admin and domain details. Make sure the DOMAIN is all CAPS.
  ```
  authconfig --disablecache \
    --enablelocauthorize \
    --enablewinbind \
    --enablewinbindusedefaultdomain \
    --enablewinbindauth \
    --smbsecurity=ads \
    --enablekrb5 \
    --enablekrb5kdcdns \
    --enablekrb5realmdns \
    --enablemkhomedir \
    --enablepamaccess \
    --updateall \
    --smbidmapuid=100000-1000000 \
    --smbidmapgid=100000-1000000 \
    --disablewinbindoffline \
    --winbindtemplateshell=/bin/bash \
    --winbindjoin=DOMAIN-ADMIN-USERNAME \
    --smbworkgroup=DOMAIN \
    --smbrealm=DOMAIN.LOCAL \
    --krb5realm=DOMAIN.LOCAL
  ```
  It will prompt you for your domain admin password. Enter it, then press Enter and it should show a success message.

- Add Server Admins Group to Sudoers

  This assumes you have an AD group called "Server Admins".

  ```
  echo "%Server\ Admins ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
  ```

- Reboot

  ```
  sudo reboot
  ```

Now, any user in AD with Unix Attributes set on their profile will be able to log in and any user in the "Server Admins" group will have sudo.
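
A pre-join check for the DNS and Join Domain steps, as an added example that is not part of the original guide: it confirms that every nameserver in a resolv.conf file is one of your domain controllers and that the workgroup and realm are all caps before you run authconfig. The function names and the IPs in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original guide.
# Usage (IPs are constructed placeholders for your two DCs):
#   sh preflight.sh /etc/resolv.conf "10.0.0.10 10.0.0.11" DOMAIN DOMAIN.LOCAL

# Print the nameserver addresses from a resolv.conf-style file, one per line.
# Commented-out lines ("#nameserver ...") are ignored.
resolv_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# check_dns FILE "IP1 IP2": succeed only if FILE has at least one
# nameserver and every nameserver is in the list of domain controller IPs.
check_dns() {
    file=$1; dcs=$2; found=0
    for ns in $(resolv_nameservers "$file"); do
        found=1
        case " $dcs " in
            *" $ns "*) ;;
            *) echo "nameserver $ns is not a domain controller" >&2
               return 1 ;;
        esac
    done
    [ "$found" -eq 1 ] || { echo "no nameserver lines in $file" >&2; return 1; }
}

# check_caps VALUE: succeed only if VALUE is non-empty and has no
# lowercase letters (the guide requires DOMAIN in all caps).
check_caps() {
    case "$1" in
        ''|*[[:lower:]]*) echo "'$1' must be non-empty and all caps" >&2
                          return 1 ;;
    esac
}

# preflight FILE "DC IPs" WORKGROUP REALM: run all checks in order.
preflight() {
    check_dns "$1" "$2" && check_caps "$3" && check_caps "$4"
}

# Run the checks only when arguments are supplied on the command line.
[ $# -eq 0 ] || preflight "$@"
```

A non-zero exit status means the join command should not be run yet; the message on stderr names the failing check.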
Hey, not sure if I'm understanding what you're asking. Did you mean having multiple domain controllers clustered or across different subnets (surely we don't want one DC to be a single point of failure), or two different domains?
Also, CentOS 6 is way out of support at this point. I'm not sure if this method works in CentOS 8 or other Linux distros that use the yum package manager.